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Amendments to the Claims 

1 . (Currently Amended) A method comprising: 

receiving a request from a client at a network address translator (NAT) 
that defines for a protocol not directly supported by the NAT a generalized port 
number (GPN) associated with that unsupported protocol and its location in each 
packet[: L the location comprising an indication of a bit position within a packet of 
where the GPN begins and a length of the GPN: 

creating an entry in a translation table of the NAT that defines for that 
protocol an association between a client's private IP address and GPN, a NATs 
assigned global IP address and GPN, and a foreign IP address, said entry being 
used for translating in outgoing packets received by the NAT from the client using 
that protocol and having the foreign IP address as their destination, the client's 
private source IP address and GPN to the NATs global IP address and GPN, 
respectively, and for translating in incoming packets sent from the foreign IP 
address using that protocol to the NATs global destination IP address and GPN, 
the NATs global destination IP address and GPN to the client's private 
destination IP address and GPN, respectively. 

2. (Currently Amended) A method comprising: 

receiving a request from a client at a network address translator (NAT) 
that defines for a protocol not directly supported by the NAT a generalized port 
number (GPN) associated with that unsupported protocol and its location in each 
packetf:! . the location comprising an indication of a bit position within a packet of 
where the GPN begins and a length of the GPN; 

creating an entry in a translation table of the NAT that defines for that 
protocol an association between a client's private IP address and GPN, NATs 
assigned global IP address and GPN, and a foreign IP address; and 
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in outgoing packets received by the NAT from the client using that protocol 
and having the foreign IP address as their destination, translating in accordance 
with the entry, the client's private source IP address and GPN to the NATs global 
IP address and GPN, respectively. 

3. (Currently Amended) A method comprising: 

receiving a request from a client at a network address translator (NAT) 
that defines for a protocol not directly supported by the NAT a generalized port 
number (GPN) associated with that unsupported protocol and its location in each 
packet[: L the location comprising an indication of a bit position within a packet of 
where the GPN begins and a length of the GPN: 

creating an entry in a translation table of the NAT that defines for that 
protocol an association between a client's private IP address and GPN, a NAT's 
assigned global IP address and GPN, and a foreign IP address; and 

in incoming packets received by the NAT and sent from the foreign IP 
address using that protocol to the NATs global destination IP address and GPN, 
translating in accordance with the entry, the NATs global destination IP address 
and GPN to the client's private destination IP address and GPN, respectively. 

4. (Original) The method of claims 1 , 2 or 3 wherein the entry further 
defines an expiration time until which the entry is valid for translating packets. 

5. (Original) The method of claims 1 , 2 or 3 wherein the unsupported 
protocol is a protocol in the IP Security (IPSec) security protocol suite. 

6. (Original) The method of claim 5 wherein the unsupported protocol in 
the IPSec security suite is the Internet Security Association and Key 
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Management Protocol (ISAKMP) and the GPN is an initiator cookie leased from 
the NAT to be unique to the client. 

7. (Original) The method of claim 6 wherein the leased initiator cookie is 
chosen by the NAT to be used as both the client's GPN and the NAT's GPN. 

8. (Original) The method of claim 5 wherein the unsupported protocol in 
the IPSec security suite is the AH or ESP protocol in either the tunnel or transport 
modes, and the GPN is an incoming Security Parameter Index (SPI) leased from 
the NAT to be unique to the client. 

9. (Original) The method of claim 8 wherein the leased SPI is chosen by 
the NAT to be used as both the client's GPN and the NAT's GPN. 

10. (Currently Amended) A network address translator (NAT) 
comprising: 

means for receiving a request from a client that defines for a protocol not 
directly supported by the NAT a generalized port number (GPN) associated with 
that unsupported protocol and its location in each packetf:1 . the location 
comprising an indication of a bit position within a packet of where the GPN 
begins and a length of the GPN: 

memory means for storing a translation table; 

means for creating an entry in the translation table that defines for that 
protocol an association between a client's private IP address and GPN, a NAT's 
assigned global IP address and GPN, and a foreign IP address, said entry being 
used for translating in outgoing packets received by the NAT from the client using 
that protocol and having the foreign IP address as their destination, the client's 
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private source IP address and GPN to the NAT'S global IP address and GPN, 
respectively, and for translating in incoming packets sent from the foreign IP 
address using that protocol to the NAT's global destination IP address and GPN, 
the NATs global destination IP address and GPN to the client's private 
destination IP address and GPN. respectively. 

1 1 . (Currently Amended) A network address translator (NAT) 
comprising: 

means for receiving a request from a client at a network address translator 
(NAT) that defines for a protocol not directly supported by the NAT a generalized 
port number (GPN) associated with that unsupported protocol and its location in 
each received packet[: L the location comprising an indication of a bit position 
within a packet of where the GPN begins and a length of the GPN: 

memory means for storing a translation table; 

means for creating an entry in the translation table that defines for that 
protocol an association between a client's private IP address and GPN, NATs 
assigned global IP address and GPN, and a foreign IP address; and 

means for, in outgoing packets received by the NAT from the client using 
that protocol and having the foreign IP address as their destination, translating in 
accordance with the entry, the client's private source IP address and GPN to the 
NATs global IP address and GPN, respectively. 

12. (Currently Amended) A network address translator (NAT) 
comprising: 

means for receiving a request from a client that defines for a protocol not 
directly supported by the NAT a generalized port number (GPN) associated with 
that unsupported protocol and its location in each packetf:! , the location 
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comprising an indication of a bit position within a packet of where the GPN 
begins and a length of the GPN: 

memory means for storing a translation table; 

means for creating an entry in the translation table that defines for that 
protocol an association between a client's private IP address and GPN, a NAT'S 
assigned global IP address and GPN, and a foreign IP address; and 

means for, in incoming packets received by the NAT and sent from the 
foreign IP address using that protocol to the NAT'S global destination IP address 
and GPN, translating in accordance with the entry, the NATs global destination 
IP address and GPN to the client's private destination IP address and GPN, 
respectively. 

1 3. (Original) The NAT of claims 1 0, 1 1 or 1 2 wherein the entry further 
defines an expiration time until which the entry is valid for translating packets. 

14. (Original) The NAT of claims 10, 1 1 or 12 wherein the unsupported 
protocol is a protocol in the IP Security (IPSec) security protocol suite. 

15. (Original) The NAT of claim 14 wherein the unsupported protocol in 
the IPSec security suite is the Internet Security Association and Key 
Management Protocol (ISAKMP) and the GPN is an initiator cookie leased from 
the NAT to be unique to the client. 

16. (Original) The NAT of claim 15 wherein the leased initiator cookie is 
chosen by the NAT to be used as both the client's GPN and the NAT's GPN. 
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17. (Original) The NAT of claim 14 wherein the unsupported protocol in 
the IPSec security suite is the AH or ESP protocols in tunnel or transport nnodes. 
and the GPN is an incoming Security Parameter Index (SPI) leased from the 
NAT to be unique to the client. 

18. (Original) The NAT of claim 17 wherein the leased SPI is chosen by 
the NAT to be used as both the client's GPN and the NATs GPN. 

19. (Currently Amended) A computer readable media tangibly 
embodying a program of instoictions executable by a computer to perform a 
method at a network address translator (NAT), the method comprising: 

receiving a request from a client that defines for a protocol not directly 
supported by the NAT a generalized port number (GPN) associated with that 
unsupported protocol and its location in each packet[: L the location comprising 
an indication of a bit position within a packet of where the GPN begins and a 
length of the GPN: 

creating an entry in a translation table of the NAT that defines for that 
protocol an association between a client's private IP address and GPN, a NATs 
assigned global IP address and GPN, and a foreign IP address, said entry being 
used for translating in outgoing packets received by the NAT from the client using 
that protocol and having the foreign IP address as their destination, the client's 
private source IP address and GPN to the NAT'S global IP address and GPN, 
respectively, and for translating in incoming packets sent from the foreign IP 
address using that protocol to the NAT's global destination IP address and GPN, 
the NAT'S global destination IP address and GPN to the client's private 
destination IP address and GPN, respectively. 



Serial No. 09/698973 



10 



20. (Currently Amended) A computer readable media tangibly 
embodying a program of instructions executable by a computer to perform a 
method at a network address translator (NAT), the method comprising: 

receiving a request from a client that defines for a protocol not directly 
supported by the NAT a generalized port number (GPN) associated with that 
unsupported protocol and its location in each packetr:1 , the location comprising 
an indication of a bit position within a packet of where the GPN begins and a 
length of the GPN: 

creating an entry in a translation table of the NAT that defines for that 
protocol an association between a client's private IP address and GPN, NATs 
assigned global IP address and GPN, and a foreign IP address; and 

in outgoing packets received by the NAT from the client using that protocol 
and having the foreign IP address as their destination, translating in accordance 
with the entry, the client's private source IP address and GPN to the NATs global 
IP address and GPN, respectively. 

21 . (Currently Amended) A computer readable media tangibly 
embodying a program of instructions executable by a computer to perform a 
method at a network address translator (NAT), the method comprising: 

receiving a request from a client that defines for a protocol not directly 
supported by the NAT a generalized port number (GPN) associated with that 
unsupported protocol and its location in each packetf: L the location comprising 
an offset of the GPN within each packet and a length of the GPN: 

creating an entry in a translation table of the NAT that defines for that 
protocol an association between a client's private IP address and GPN, a NAT's 
assigned global IP address and GPN. and a foreign IP address; and 
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in incoming packets received by the NAT and sent from the foreign IP 
address using that protocol to the NATs global destination IP address and GPN. 
translating in accordance with the entry, the NATs global destination IP address 
and GPN to the client's private destination IP address and GPN, respectively. 

22. (Original) The media of claims 19, 20 or 21 where in the method the 
entry further defines an expiration time until which the entry is valid for translating 
packets. 

23. (Original) The media of claims 19, 20 or 21 where in the method the 
unsupported protocol is a protocol in the IP Security (IPSec) security protocol 
suite, 

24. (Original) The media of claim 23 wherein the unsupported protocol in 
the IPSec security suite is the Internet Security Association and Key 
Management Protocol (ISAKMP) and the GPN is an initiator cookie leased from 
the NAT to be unique to the client. 

25. (Original) The media of claim 24 wherein the leased initiator cookie 
is chosen by the NAT to be used as both the client's GPN and the NAT'S GPN. 

26. (Original) The media of claim 23 wherein the unsupported protocol in 
the IPSec security suite is the AH or ESP protocol in either the tunnel or transport 
modes, and the GPN is an incoming Security Parameter Index (SPI) leased from 
the NAT to be unique to the client. 
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27. (Original) The method of claim 26 wherein the leased SPI is chosen 
by the NAT to be used as both the client's GPN and the NAT's GPN. 



